Security Research
A new vulnerability(CVE-2019-14899) was discovered in Linux and Unix-like systems which allows an attacker in the adjacent network to inject data into the TCP stream and hijack connections. This vulnerability is known to work against OpenVPN, WireGuard, and IKEv2/IPSec, but the vulnerability impacts all VPN implementations. The tor browser seems to be unaffected by this […]
Read More →OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded as one of the most secure operating systems available due to many of its security features. Security researchers at Qualys Research Labs have discovered four high-severity security vulnerabilities in OpenBSD, which include one authentication bypass […]
Read More →EmbedThis GoAhead is a simple and compact embedded web server which can be used to efficiently host embedded web applications. GoAhead is a very popular web server and is known to have 1.3 million installations worldwide. A researcher from Cisco Talos discovered two security bugs in GoAhead Embedded Web Server. The two vulnerabilities are tracked […]
Read More →Mozilla has released security updates for Firefox, Firefox ESR and Thunderbird. Eleven vulnerabilities were identified and fixed in Firefox and eight in Firefox ESR and Thunderbird each. The advisories have been ranked high in severity which indicates that the vulnerabilities can be used to gather sensitive data from sites in other windows or inject data […]
Read More →Oracle’s E-Business Suite is a collection of enterprise resource planning (ERP), customer relationship management (CRM), and supply-chain management (SCM) computer applications. Reports indicate that over 21,000 global organizations use Oracle EBS. Two critical vulnerabilities (CVE-2019-2638, CVE-2019-2633) in Oracle EBS have turned around the face of security for businesses. These vulnerabilities (also known as ORACLE EBS […]
Read More →Spearphishing is a key weapon for attackers these days. Spam emails with malicious decoy documents are a dime a dozen. The social engineering used to lure users into opening these mails is elaborate and is unique to every attacker. To break the news, an ongoing malicious campaign was found sending fake Windows Update emails to […]
Read More →